<?php #//v.3.3.0
#///////////////////////////////////////////////////////
#// COPYRIGHT 2007 Phpauction.net ALL RIGHTS RESERVED //
#///////////////////////////////////////////////////////

require('../includes/config.inc.php');
include "loggedin.inc.php";

#//Default for error message (blank)
$ERR = "&nbsp;";

#// Update message
if($_POST[action] == "update" && phpa_securepost($_POST)){

	if (!PHP_4 )
	{
	  require_once './htmlpurifier/library/HTMLPurifier.auto.php';
	  $config = HTMLPurifier_Config::createDefault();
	  $config->set('Core', 'Encoding', 'ISO-8859-1');
	  $config->set('HTML', 'Doctype', 'HTML 4.01 Transitional');
	  $config->set('HTML', 'AllowedElements', 'div,a,em,blockquote,p,code,pre,table,font,tbody,td,tr,b,strong,u,ul,li,ol');
	  $purifier = new HTMLPurifier($config);
	}
	else
	{
	   require_once './class/phpauction_purify.php';
	   $purifier = new HTMLPurifier();
	   $purifier->allowed_tags(array("div","a","em","blockquote","p","code","pre","table","font","tbody","td","tr","b","strong","u","ul","li","ol" ));
	}



  if(strlen($_POST[question]) == 0 && strlen($_POST[answer]) == 0){
    $ERR = "Required fields missing (all fields are required).";
    $faq = $_POST;
  }else{
    $clean_question = $purifier->purify(stripslashes($_POST['question'][$SETTINGS['defaultlanguage']]));
    $clean_answer = $purifier->purify(stripslashes($_POST['answer'][$SETTINGS['defaultlanguage']]));
    $_POST['question'][$SETTINGS['defaultlanguage'] = $clean_question;
    $_POST['answer'][$SETTINGS['defaultlanguage']   = $clean_answer;

    $query = "UPDATE PHPAUCTIONXL_faqs SET category=$_POST[category],
           question='".$_POST['question'][$SETTINGS['defaultlanguage']]."',
           answer='".$_POST['answer'][$SETTINGS['defaultlanguage']]."'
           where id='".$_POST['id']."'";
    $res = @mysql_query($query);
    if(!$res){
      print "Error: $query<BR>".mysql_error();
      exit;
    }else{
      reset($LANGUAGES);
      while(list($k,$v) = each($LANGUAGES)){
        $clean_question = $purifier->purify($_POST['question'][$k]);
        $clean_answer = $purifier->purify($_POST['answer'][$k]);
        $_POST['question'][$k] = $clean_question;
        $_POST['answer'][$k] = $clean_answer;

        $TR=@mysql_result(@mysql_query("SELECT question FROM PHPAUCTIONXL_faqs_translated WHERE lang='".$k."' AND id=".$_POST['id']),0,"question"); 
        if($TR){
          $query = "UPDATE PHPAUCTIONXL_faqs_translated SET 
              question='".addslashes($clean_question)."',
              answer='".addslashes($clean_answer)."'
              WHERE id='".$_POST['id']."' AND
              lang='$k'";
        }else{

          $query = "INSERT INTO PHPAUCTIONXL_faqs_translated VALUES(
              '".$_POST['id']."',
              '$k',
              '".addslashes($clean_question)."',
              '".addslashes($clean_answer)."')";
        }
        @mysql_query($query);
        unset($TR);
      }  
      Header("Location: faqs.php");
      exit;
    }
  }
}

if($_POST[action] != "update")
{
  #// Get data from the database
  $query = "SELECT * FROM PHPAUCTIONXL_faqs WHERE id='".$_GET['id']."'";
  $res = @mysql_query($query);
  if(!$res)
  {
    print "Error: $query<BR>".mysql_error();
    exit;
  }
  $faq = mysql_fetch_array($res);
  
  #//
  $query = "SELECT * FROM PHPAUCTIONXL_faqscategories ORDER BY category";
  $res_c = @mysql_query($query);
  if(!$res_c)
  {
    print "Error: $query<BR>".mysql_error();
    exit;
  }
}
?>
<HTML>
<HEAD>
<link rel='stylesheet' type='text/css' href='style.css' />
<script type="text/javascript" src="../js/tinymce/jscripts/tiny_mce/tiny_mce.js"></script>
<script type="text/javascript">
tinyMCE.init({
        mode : "textareas",
        theme : "advanced",
        language: "en",
        plugins : "table",
        theme_advanced_buttons1 : "backcolor, forecolor, bold,italic,underline,separator,strikethrough,justifyleft,justifycenter,justifyright, justifyfull,bullist,numlist,undo,redo,link,unlink",
        theme_advanced_buttons2 : "fontselect, fontsizeselect, image",
        theme_advanced_buttons3 : "tablecontrols",
        theme_advanced_toolbar_location : "top",
        theme_advanced_toolbar_align : "left",
        force_br_newlines : "false",
        extended_valid_elements : "a[name|href|target|title|onclick],img[class|src|border=0|alt|title|hspace|vspace|width|height|align|onmouseover|onmouseout|name],hr[class|width|size|noshade],font[face|size|color|style],span[class|align|style]"
});
</script>

<link href="css/main.css" rel="stylesheet" type="text/css">
</HEAD>
<body bgcolor="#FFFFFF" text="#000000" link="#0066FF" vlink="#666666" alink="#000066" leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
<FORM NAME="faq" METHOD="post" ACTION="<?=basename($_SERVER['PHP_SELF'])?>">
<table width="100%" border="0" cellpadding="0" cellspacing="0">
  <tr> 
    <td><table width="100%" border="0" cellspacing="0" cellpadding="0" class="titulo">
        <tr> 
          <td class="icono"><img src="images/content_icon2.gif" width="28" height="27" ></td>
          <td class="breadcrumbs"><p><span><?=$MSG_25_0018?></span>&nbsp;&gt;&gt;&nbsp;<?=$MSG_5232?></p></td>
        </tr>
      </table></td>
  </tr>
  <tr>
    <td align="center" valign="middle">&nbsp;</td>
  </tr>
    <tr> 
    <td align="center" valign="middle">
  <TABLE WIDTH="95%" BORDER="0" CELLSPACING="0" CELLPADDING="0" ALIGN="CENTER" >
    <TR align=center>
      <TD BGCOLOR="#ffffff">&nbsp;
      
      </TD>
    </TR>
    <TR>
      <TD>
        <TABLE WIDTH="100%" BORDER="0" CELLSPACING="0" CELLPADDING="0" class="base"  style="border:1px solid #ccc;">
          <TR>
            <TD COLSPAN="2"align=center class=title>
              <p>  <?=$MSG_5241?></p>
            </TD>
          </TR>
          <TR>
            <TD WIDTH="23%" class="lineV" HEIGHT="27" VALIGN="top">
             <p class="blue"> <?=$MSG_5238?></p>
              </TD>
            <TD WIDTH="77%" CLASS=link HEIGHT="27">
              <SELECT NAME="category">
                <?
                while($row = mysql_fetch_array($res_c))
                {
                  $row[category]=stripslashes($row[category]);
                  print "<OPTION VALUE=\"$row[id]\"";
                  if($faq[category] == $row[id]) print " SELECTED";
                  print ">$row[category]</OPTION>\n";
                }
                $res_tr = @mysql_query("SELECT * FROM PHPAUCTIONXL_faqs_translated WHERE id='".$_GET['id']."'");
                while($tr=mysql_fetch_array($res_tr)){
                  $QUESTION_TR[$tr['lang']] = $tr['question'];
                  $ANSWER_TR[$tr['lang']] = $tr['answer'];
                }
              ?>
              </SELECT>
              </TD>
          </TR>
          <TR BGCOLOR="#FFFFFF" valign=top>
            <TD WIDTH="23%" class="lineV gris" HEIGHT="27" VALIGN="top"> <p class="blue"><?=$MSG_5239?></p></TD>
            <TD WIDTH="77%"  class="gris" HEIGHT="27">
              <IMG SRC="../includes/flags/<?=$SETTINGS['defaultlanguage']?>.gif">&nbsp;<INPUT TYPE="text" NAME="question[<?=$SETTINGS['defaultlanguage']?>]" SIZE="35" MAXLENGTH="200" VALUE="<?=stripslashes($QUESTION_TR[$SETTINGS['defaultlanguage']])?>">
              <?
                reset($LANGUAGES);
                while(list($k,$v) = each($LANGUAGES)){
                  if($k!=$SETTINGS['defaultlanguage']) print "<BR><IMG SRC=../includes/flags/".$k.".gif>&nbsp;<INPUT TYPE=text NAME=question[$k] SIZE=35 MAXLENGTH=200 VALUE=\"".stripslashes($QUESTION_TR[$k])."\">";
                }
              ?>
            </TD>
          </TR>
          <TR BGCOLOR="#FFFFFF">
            <TD WIDTH="23%" class="lineV" HEIGHT="27" VALIGN="top"> <p class="blue"><?=$MSG_5240?></p></TD>
            <TD WIDTH="77%" CLASS=link HEIGHT="27">
              <IMG SRC="../includes/flags/<?=$SETTINGS['defaultlanguage']?>.gif"><BR /><TEXTAREA NAME="answer[<?=$SETTINGS['defaultlanguage']?>]" COLS="65" ROWS="15"><?=stripslashes($ANSWER_TR[$SETTINGS['defaultlanguage']])?></TEXTAREA>
              <?
                reset($LANGUAGES);
                while(list($k,$v) = each($LANGUAGES)){
                  if($k!=$SETTINGS['defaultlanguage']) print "<BR><IMG SRC=../includes/flags/".$k.".gif><BR /><TEXTAREA NAME=answer[$k] COLS=65 ROWS=15>".stripslashes($ANSWER_TR[$k])."</TEXTAREA>";
                }
              ?>
            </TD>
          </TR>
          <TR>
            <TD WIDTH="23%" class="lineV">
              <INPUT TYPE="hidden" NAME="action" VALUE="update" /> <INPUT TYPE="hidden" NAME="security" VALUE="<?php echo $_SESSION['security'];?>" />
              <INPUT TYPE="hidden" NAME="id" VALUE="<?=$_GET['id']?>">
            </TD>
            <TD WIDTH="77%" BGCOLOR="#FFFFFF">
              <INPUT TYPE="submit" NAME="Submit" VALUE="SAVE CHANGES" class="action">
            </TD>
          </TR>
        </TABLE>
      </TD>
    </TR>
  </TABLE>
</TD>
</TR>
</TABLE>
</FORM>
</BODY>
</HTML>
